<?php
require_once( dirname(__FILE__) . "/include/site_config.php");

//Validar se o utilizador tem permissoes para abrir esta pagina (tem de estar registado)
if (!$login->utilizadorLigado()) {
    $site->redirectTo("login.php");
}

require_once( dirname(__FILE__) . "/include/utilizadores.php");
$form1 = new AlterarPasswordForm();
$form2 = new AlterarPasswordForm();

//Se for um request Post (formulario submetido)
if (isset($_POST["csrf_token"]) && isset($_POST["form-actual"]) ) {
    //Alterar password actual
    $form1->validaPasswordActual();
} else if (isset($_POST["csrf_token"]) && isset($_POST["form-outro"]) )  {
    //Alterar password de outro utilizador
    $form2->validaPasswordOutro();
}

$csrf_token = $site->gerarToken();
?>
<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Alterar Password</title>
        <style>
            body {
                margin: 0px;
                padding: 0px;
            }
            body > div {
                width: 800px;
                margin: auto;
            }
            .titulo { text-align: center; margin-top: 50px; }
            .boas-vindas { text-align: left; }
            .boas-vindas a { margin-left: 10px; }
            .menu {text-align: left;}
            .menu div {display: inline; margin: 5px 5px 0px 0px;}
            .error {margin-top: 10px;}
            fieldset {width: 200px; margin: 20px;}
            .longo {width: 98%;}
            .medio {width: 50%;}
        </style>
    </head>
    <body>
        <div>
            <h2 class="titulo">Alterar Password</h2>
            <?php require_once 'menu.php'; ?>
            
            <form id="alterar-password-actual" action="alterar_password.php" method="post">
                <fieldset>
                    <legend><?php echo $user['username']; ?></legend>
                    <input type="hidden" name="csrf_token" id="csrf_token" value="<?php echo $csrf_token; ?>" />
                    <input type="hidden" name="form-actual" value="actual" />
                    <div>
                        <label for="password1">Password actual</label><br />
                        <input class="longo" name="password1" id="password1" type="password" value="" maxlength="15" />
                    </div>
                    <div>
                        <label for="password2">Nova password</label><br />
                        <input class="longo" name="password2" id="password2" type="password" value="" maxlength="15" />
                    </div>
                    <input name="utilizador" type="submit" value="Alterar" />
                    <div class="error"><?php echo $form1->msg_erro; ?></div>
                </fieldset>
            </form>
            
            <form id="alterar-password-outro" action="alterar_password.php" method="post">
                <fieldset>
                    <legend>Outro utilizador</legend>
                    <input type="hidden" name="csrf_token" id="csrf_token" value="<?php echo $csrf_token; ?>" />
                    <input type="hidden" name="form-outro" value="outro" />
                    <div>
                        <label for="username">Username</label><br />
                        <input class="longo" name="username" id="username" type="text" value="" maxlength="15" />
                    </div>
                    <div>
                        <label for="password1">Password</label><br />
                        <input class="longo" name="password1" id="password1" type="password" value="" maxlength="15" />
                    </div>
                    <div>
                        <label for="password2">Nova password</label><br />
                        <input class="longo" name="password2" id="password2" type="password" value="" maxlength="15" />
                    </div>
                    <input name="utilizador" type="submit" value="Alterar" />
                    <div class="error"><?php echo $form2->msg_erro; ?></div>
                </fieldset>
            </form>
        </div>
    </body>
</html>
